aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/openssl.c62
1 files changed, 38 insertions, 24 deletions
diff --git a/src/openssl.c b/src/openssl.c
index f2166f5..6079bee 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -30,7 +30,7 @@
#include <string.h> /* memset(3) strerror_r(3) */
#include <strings.h> /* strcasecmp(3) */
#include <math.h> /* INFINITY fabs(3) floor(3) frexp(3) fmod(3) round(3) isfinite(3) */
-#include <time.h> /* struct tm time_t strptime(3) */
+#include <time.h> /* struct tm time_t strptime(3) time(2) */
#include <ctype.h> /* tolower(3) */
#include <errno.h> /* errno */
@@ -3039,40 +3039,53 @@ static int xx_setIssuer(lua_State *L) {
static int xx_add(lua_State *L) {
- int ok = 1;
-
- lua_settop(L, 3);
X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
- BIGNUM *serial = checkbig(L, 2);
-
+ BIGNUM *bn = checkbig(L, 2);
+ double ut = luaL_optnumber(L, 3, time(NULL));
X509_REVOKED *rev = NULL;
- ASN1_INTEGER *aserial = NULL;
+ ASN1_INTEGER *serial = NULL;
ASN1_TIME *date = NULL;
- if (!(rev = X509_REVOKED_new())) goto error;
+ if (!(rev = X509_REVOKED_new()))
+ goto error;
- if (!(aserial = BN_to_ASN1_INTEGER(serial, NULL))) goto error;
- if (!X509_REVOKED_set_serialNumber(rev, aserial)) goto error;
+ if (!(serial = BN_to_ASN1_INTEGER(bn, NULL)))
+ goto error;
- if (!(date = ASN1_TIME_new())) goto error;
- if (lua_isnil(L, 3)) X509_gmtime_adj(date, 0);
- else if (!ASN1_TIME_set(date, luaL_checknumber(L, 3))) goto error;
- if (!X509_REVOKED_set_revocationDate(rev, date)) goto error;
+ if (!X509_REVOKED_set_serialNumber(rev, serial)) /* duplicates serial */
+ goto error;
- if (!X509_CRL_add0_revoked(crl, rev)) goto error;
+ ASN1_INTEGER_free(serial);
+ serial = NULL;
- goto done;
+ if (!(date = ASN1_TIME_new()))
+ goto error;
- error:
- ok = 0;
+ if (!ASN1_TIME_set(date, ut))
+ goto error;
- done:
- if (date) ASN1_TIME_free(date);
- if (serial) ASN1_INTEGER_free(aserial);
- if (!ok && rev) X509_REVOKED_free(rev);
+ if (!X509_REVOKED_set_revocationDate(rev, date)) /* duplicates date */
+ goto error;
- return ok ? 0 : throwssl(L, "x509.crl:add");
-} /* xx_setIssuer() */
+ ASN1_TIME_free(date);
+ date = NULL;
+
+ if (!X509_CRL_add0_revoked(crl, rev)) /* takes ownership of rev */
+ goto error;
+
+ lua_pushboolean(L, 1);
+
+ return 1;
+error:
+ if (date)
+ ASN1_TIME_free(date);
+ if (serial)
+ ASN1_INTEGER_free(serial);
+ if (rev)
+ X509_REVOKED_free(rev);
+
+ return throwssl(L, "x509.crl:add");
+} /* xx_add() */
static int xx_sign(lua_State *L) {
@@ -3134,6 +3147,7 @@ static const luaL_Reg xx_methods[] = {
{ "setIssuer", &xx_setIssuer },
{ "add", &xx_add },
{ "sign", &xx_sign },
+ { "tostring", &xx__tostring },
{ NULL, NULL },
};